Secure Computing revamps firewall line

Secure Computing this week plans to unveil a line of firewalls that combines the best features of two separate lines and at the high end doubles to 1 million the maximum number of simultaneous connections supported vs. earlier versions.

The Sidewinder G2 appliances eventually will replace the company’s current Sidewinder firewall and the Gauntlet firewall it acquired a year ago from Network Associates.

The new line will feature six firewalls, ranging from the small-office Model 25 to the high-end Model 4000, plus a management appliance based on technology that borrows heavily from the Gauntlet line. All of the Sidewinder G2 models can be managed centrally via the G2 Enterprise Manager.

Secure Computing says its new firewalls will allow for filtering based on a variety of techniques, such as stateful inspection and application-layer proxies.

“We have 15 application-specific proxies for mail, DNS, HTTP, the Web, FTP, SQL and others,” says Paul DeBernardi, director of product marketing. This makes it possible for administrators to conduct detailed inspection of applications traversing the firewall based on their content, he says.

In coming months, Secure Computing plans to add antivirus filtering to the Sidewinder G2, based on a scanning engine in the works by partner Network Associates.

Although filtering of Web services is an area of growing concern for vendors of gateway products such as firewalls, Secure Computing won’t be tackling XML-based filtering until a year or so from now. At that time, Secure Computing will also announce a scheduled “end-of-life” deadline for phasing out the old Sidewinder and Gauntlet.

Jeff Thompson, IT manager at Fremont, Calif.-based semiconductor subcontractor ISE Labs, says he intends to migrate from the old Sidewinder to the G2, even though it won’t have the antivirus support right away.

“I like that their operating system is hardened, and that the firewall is good at fending off Port 80 attacks,” he says.

Although Thompson says Sidewinder is the best firewall he has tested, his company does use others, including the Cisco PIX, for cost reasons. He says it would be hard to justify paying $5,000 for a low-end Sidewinder G2 in a small office that could get by with a $1,000 model from a competitor.

Secure Computing is the first firewall vendor to put its management console into an appliance. The company says it did this to alleviate any difficulty in loading its software onto general-purpose hardware platforms. The appliance can be used to manage approximately 400 Sidewinder G2 firewalls, authenticating them with digital certificates, and serving as a central repository for firewall logs and backups.

Secure Computing is having the Sidewinder G2 tested to meet the security requirements of the international Common Criteria product-review program so that the firewall can be purchased by government agencies with national security responsibilities.

The Model 25 supports 25 users, with 25 simultaneous connections. It can have up to four Gigabit Ethernet ports, but has a maximum throughput of 155M bit/sec. It costs $5,900. The Model 100 is similar, but it supports up to 100 users and costs $9,500. The Model 250 supports 250 users and costs $13,900.

The Model 1000, 2000 and 4000 each support an unlimited number of users, range from 500,000 to 1 million simultaneous connections, and have from four to nine Gigabit Ethernet ports. The 1000 costs $23,900; the 2000 costs $32,900; and the 4000 costs $94,900.

The firewalls can be managed through the G2 Enterprise Manager, an appliance that starts at $15,900 for 10 firewalls.